<li> create a PGP key if you haven't already: <code>$ gpg --gen-key</code><br> WARNING: make sure you understand the implications of holding a private key, e.g. do not generate it on a computer you don't own and have ''full control'' over.

<li> create a PGP key if you haven't already: <code>$ gpg --gen-key</code><br> WARNING: make sure you understand the implications of holding a private key, e.g. do not generate it on a computer you don't own and have ''full control'' over.

−

<li> sync your public key with keyservers: <code>$ gpg --send-keys '''$YOUR_KEY_ID'''</code><br>WARNING: this is irreversible. Make sure you are prepared to protect your private key and you are using a very strong passphrase.

+

<li> sync your public key with keyservers: <code>$ gpg --send-keys '''<your key ID>'''</code><br>WARNING: this is irreversible. Make sure you are prepared to protect your private key and you are using a very strong passphrase.

−

<li> submit your '''public''' key to LUG@UCLA:

+

<li> figure out your key fingerprint and RSVP:

−

* <code>$ gpg --export --output YOURNAME.key</code>

+

* <code>$ gpg --fingerprint '''<your name or key ID>'''</code>

* upload to https://linux.ucla.edu/keysigning/

* upload to https://linux.ucla.edu/keysigning/

</ol>

</ol>

Revision as of 04:17, 1 November 2013

Note: This page is for planning a keysigning party hosted by LUG@UCLA.

A keysigning party is an event for helping people verify each others' PGP keys and strengthening the web of trust.

take control of your privacy

meet other interesting members of the privacy-aware community

pizza

Event information

Where: Boelter Hall 4760

When: TBA

Instructions

Way before the party

create a PGP key if you haven't already: $ gpg --gen-key WARNING: make sure you understand the implications of holding a private key, e.g. do not generate it on a computer you don't own and have full control over.

sync your public key with keyservers: $ gpg --send-keys <your key ID>WARNING: this is irreversible. Make sure you are prepared to protect your private key and you are using a very strong passphrase.

add the hash to the bottom of keylist.txt: $ cat keylist.txt.sha1 >>keylist.txt

print keylist.txt and keep safe

During the party

bring the printed copy of keylist.txt

bring one or more forms of ID (e.g. drivers license + Bruin card)

eat pizza

After the party

retrieve your annotated keylist

for every person on the list with two check marks, import that person's key into your local keyring: $ gpg --search-keys "First Last"

Troubleshooting

Q: How do I install GnuPG (gpg)?A: If your operating system doesn't come with GnuPG installed by default, you should seriously consider switching to a different operating system. If you're trying to use PGP on Windows or Mac, that kind of defeats the purpose because the software on your computer cannot be trusted to begin with. See Installfest